phishing

Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms

Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms 2025-08-29 at 14:19 By Zeljka Zorz A recently uncovered phishing campaign – carefully designed to bypass security defenses and avoid detection by its intended victims – is targeting firms in industrial manufacturing and other companies critical to various supply chains, Check Point […]

React to this headline:

Loading spinner

Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms Read More »

Hackers Weaponize Trust with AI-Crafted Emails to Deploy ScreenConnect

Hackers Weaponize Trust with AI-Crafted Emails to Deploy ScreenConnect 2025-08-27 at 20:01 By Kevin Townsend AI-powered phishing attacks leverage ConnectWise ScreenConnect for remote access, underscoring their sophistication. The post Hackers Weaponize Trust with AI-Crafted Emails to Deploy ScreenConnect appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Hackers Weaponize Trust with AI-Crafted Emails to Deploy ScreenConnect Read More »

What CISOs can learn from Doppel’s new AI-driven social engineering simulation

What CISOs can learn from Doppel’s new AI-driven social engineering simulation 2025-08-27 at 07:51 By Sinisa Markovic Doppel has introduced a new product called Doppel Simulation, which expands its platform for defending against social engineering. The tool uses autonomous AI agents to create multi-channel simulations that mirror how attackers operate across email, SMS, messaging apps,

React to this headline:

Loading spinner

What CISOs can learn from Doppel’s new AI-driven social engineering simulation Read More »

URL-based threats become a go-to tactic for cybercriminals

URL-based threats become a go-to tactic for cybercriminals 2025-08-21 at 07:34 By Help Net Security Cybercriminals are using advanced social engineering and AI-generated content to make malicious URLs difficult for users to identify, according to Proofpoint. Whether through email, text messages, or collaboration apps, URL-based threats now dominate the cyber threat landscape. Attackers are not

React to this headline:

Loading spinner

URL-based threats become a go-to tactic for cybercriminals Read More »

Cybercriminals are getting personal, and it’s working

Cybercriminals are getting personal, and it’s working 2025-08-07 at 09:15 By Help Net Security Cybercriminals are deploying unidentifiable phishing kits (58% of phishing sites) to propagate malicious campaigns at scale, indicating a trend towards custom-made or obfuscated deployments, according to VIPRE Security. These phishing kits can’t easily be reverse-engineered, tracked, or caught. AI makes them

React to this headline:

Loading spinner

Cybercriminals are getting personal, and it’s working Read More »

UK Student Sentenced to Prison for Selling Phishing Kits

UK Student Sentenced to Prison for Selling Phishing Kits 2025-07-25 at 16:19 By Ionut Arghire Ollie Holman was sentenced to prison for selling over 1,000 phishing kits that caused estimated losses of over $134 million. The post UK Student Sentenced to Prison for Selling Phishing Kits appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

UK Student Sentenced to Prison for Selling Phishing Kits Read More »

High-Value NPM Developers Compromised in New Phishing Campaign

High-Value NPM Developers Compromised in New Phishing Campaign 2025-07-24 at 14:22 By Ionut Arghire Hackers have injected malware into popular NPM packages after compromising several developer accounts in a fresh phishing campaign. The post High-Value NPM Developers Compromised in New Phishing Campaign appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

High-Value NPM Developers Compromised in New Phishing Campaign Read More »

Phishing campaign targets U.S. Department of Education’s G5 portal

Phishing campaign targets U.S. Department of Education’s G5 portal 2025-07-23 at 13:04 By Anamarija Pogorelec A new phishing campaign is targeting users of the U.S. Department of Education’s G5 portal, a site used by educational institutions and vendors to manage grants and federal education funding. Threat researchers at BforeAI uncovered a cluster of lookalike domains

React to this headline:

Loading spinner

Phishing campaign targets U.S. Department of Education’s G5 portal Read More »

Phishing simulations: What works and what doesn’t

Phishing simulations: What works and what doesn’t 2025-07-23 at 08:31 By Sinisa Markovic Phishing is one of the oldest and most effective scams used by cybercriminals. No one is immune to them, not even internet security experts, as seen in the case of Troy Hunt, who recently fell for a phishing email. Before AI became

React to this headline:

Loading spinner

Phishing simulations: What works and what doesn’t Read More »

Thirteen Romanians Arrested for Phishing the UK’s Tax Service

Thirteen Romanians Arrested for Phishing the UK’s Tax Service 2025-07-14 at 05:16 By Mike Lennon Investigators from HMRC joined more than 100 Romanian police officers to arrest the 13 Romanian suspects in the counties of Ilfov, Giurgiu and Calarasi.  The post Thirteen Romanians Arrested for Phishing the UK’s Tax Service appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Thirteen Romanians Arrested for Phishing the UK’s Tax Service Read More »

You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad code

You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad code 2025-07-03 at 16:03 By Zeljka Zorz Popular AI chatbots powered by large language models (LLMs) often fail to provide accurate information on any topic, but researchers expect threat actors to ramp up their efforts to get them to spew

React to this headline:

Loading spinner

You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad code Read More »

Microsoft 365 Direct Send Abused for Phishing

Microsoft 365 Direct Send Abused for Phishing 2025-06-27 at 11:08 By Ionut Arghire Hackers are abusing the Microsoft 365 Direct Send feature to deliver phishing emails that bypass email security controls. The post Microsoft 365 Direct Send Abused for Phishing appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Microsoft 365 Direct Send Abused for Phishing Read More »

ClickFix attacks skyrocketing more than 500%

ClickFix attacks skyrocketing more than 500% 2025-06-26 at 12:02 By Sinisa Markovic ClickFix, a deceptive attack method, saw a surge of more than 500% in the first half of 2025, making it the second most common attack vector after phishing, according to ESET’s latest Threat Report. The report, which looks at trends from December 2024

React to this headline:

Loading spinner

ClickFix attacks skyrocketing more than 500% Read More »

Using AI to outsmart AI-driven phishing scams

Using AI to outsmart AI-driven phishing scams 2025-05-30 at 08:32 By Sinisa Markovic Phishing scams used to be filled with awkward wording and obvious grammar mistakes. Not anymore. AI is now making it harder to distinguish what is real. According to Cofense, email-based scams surged 70% year over year, driven by AI’s ability to automate

React to this headline:

Loading spinner

Using AI to outsmart AI-driven phishing scams Read More »

GitHub becomes go-to platform for malware delivery across Europe

GitHub becomes go-to platform for malware delivery across Europe 2025-05-28 at 07:32 By Help Net Security Phishing has become the go-to method for attackers looking to get past security controls and access sensitive environments in Europe, according to Netskope. Users are now constantly dealing with phishing attempts, which have become so common and credible that

React to this headline:

Loading spinner

GitHub becomes go-to platform for malware delivery across Europe Read More »

Russian Government Hackers Caught Buying Passwords from Cybercriminals

Russian Government Hackers Caught Buying Passwords from Cybercriminals 2025-05-27 at 18:01 By Ryan Naraine Microsoft flags a new Kremlin hacking team buying stolen usernames and passwords from infostealer markets for use in cyberespionage attacks.  The post Russian Government Hackers Caught Buying Passwords from Cybercriminals appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Russian Government Hackers Caught Buying Passwords from Cybercriminals Read More »

Coinbase Says Rogue Contractor Data Breach Affects 69,461 Users

Coinbase Says Rogue Contractor Data Breach Affects 69,461 Users 2025-05-21 at 16:54 By Ryan Naraine A mandatory filing to the Maine Attorney General says 69,461 customers nationwide were affected and dates the breach back to last December. The post Coinbase Says Rogue Contractor Data Breach Affects 69,461 Users appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Coinbase Says Rogue Contractor Data Breach Affects 69,461 Users Read More »

CTM360 maps out real-time phishing infrastructure targeting corporate banking worldwide

CTM360 maps out real-time phishing infrastructure targeting corporate banking worldwide 2025-05-19 at 16:50 By Anamarija Pogorelec A phishing operation that targets corporate banking accounts across the globe has been analyzed in a new report by CTM360. The campaign uses fake Google ads, advanced filtering techniques, to steal sensitive login credentials and bypass MFA. Researchers uncovered

React to this headline:

Loading spinner

CTM360 maps out real-time phishing infrastructure targeting corporate banking worldwide Read More »

Polymorphic phishing attacks flood inboxes

Polymorphic phishing attacks flood inboxes 2025-05-16 at 08:31 By Help Net Security AI is transforming the phishing threat landscape at a pace many security teams are struggling to match, according to Cofense. In 2024, researchers tracked one malicious email every 42 seconds. Many of the 42-second attacks were part of polymorphic phishing attacks. Unlike traditional

React to this headline:

Loading spinner

Polymorphic phishing attacks flood inboxes Read More »

Scroll to Top